What are your favorite security tools?
I have a number and I'll list them. But as I often note when I speak and in my book, security is not strictly about the best tools. Being proficient in security tools is just one part of being good at security-- in fact, while it's a fascinating and important part, it's a smaller part. Understanding security is about understanding distributed computing technologies in breadth and, where necessary, great depth and how those technologies relate to security. It's an art form, a process, and a mind set. It's about understanding precisely how networks, applications, people, business, information, and infrastructure come together, along with the life cycle management of those things. By analogy, someone can have all the tools of a great car mechanic and know how to use each tool, but can't do much with them if they don't understand the car. So security knowledge of security tools by themselves is not enough. With that said, some of my favorite tools include Snort, NetCat, NMAP, Sam Spade, Protocol Analyzers in general (Ethereal, others), Nessus, dsniff, Tripwire, OpenSSL, PGP, Chkrootkit, and about 1000 other tools!
What operating system(s) do you use and why?
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.